Development • The GitHub Blog • July 1, 2022, 17:00
New Actions from Anchore, NowSecure, SBT, and Trivy are now available to create a more comprehensive GitHub Dependency Graph.
Security GitHub Actions
Development • The GitHub Blog • July 1, 2022, 15:22
Can projects and GitHub Actions be used by your non-developer teams? They absolutely can. Check out how our Security Team uses GitHub to run the department effortlessly.
Company Product Security GitHub Actions GitHub Issues
Development • The GitHub Blog • June 27, 2022, 20:24
We’re excited to announce that the GitHub Advisory Database now includes curated security advisories on Erlang, Elixir, and more.
Company Security
Development • The GitHub Blog • June 17, 2022, 19:00
Expand the completeness of your dependency graph by using the dependency submission API, which will create more comprehensive alerts on supply chain vulnerabilities.
Product Security Dependabot
Development • The GitHub Blog • June 15, 2022, 15:46
To combat the prevalence of malware in the open source ecosystem, GitHub now publishes malware occurrences in the GitHub Advisory Database. These advisories power Dependabot alerts and remain forever free and usable by the community.
Security Dependabot supply chain security
Development • The GitHub Blog • June 9, 2022, 20:47
Dependabot is generally available in GitHub Enterprise Server 3.5. Here is how to set up Dependabot on your instance.
Enterprise Dependabot supply chain security
Development • The GitHub Blog • June 7, 2022, 19:55
A personal story about building the feature you want and sharing it with the world.
Engineering Enterprise Security Dependabot supply chain security
Development • The GitHub Blog • June 6, 2022, 10:15
The Rust community can now discover, report, and prevent security vulnerabilities.
Product Security supply chain security
Development • The GitHub Blog • June 2, 2022, 16:52
Learn how you can securely manage users with the latest ships for GitHub Enterprise.
Enterprise Security Dependabot GitHub Enterprise Cloud GitHub Enterprise Server
Development • The GitHub Blog • May 31, 2022, 16:36
GitHub Enterprise Server 3.5 is available now, including access to the Container registry, the addition of Dependabot, enhanced administrator capabilities, and features for GitHub Advanced Security.
Enterprise Product Security Dependabot GitHub Actions GitHub Advanced Security GitHub Enterprise Server GitHub Packages
Development • The GitHub Blog • May 25, 2022, 22:22
A two-part story about how GitHub’s Product Security Engineering team rolled out Dependabot internally to track vulnerable dependencies, and how GitHub tracks and prioritizes technical debt.
Enterprise Security Dependabot
Development • The GitHub Blog • May 20, 2022, 15:27
Upgrade to GHES 3.2 or newer by June 3rd to continue using GitHub Connect.
Engineering Product GitHub Connect GitHub Enterprise Cloud GitHub Enterprise Server
Development • The GitHub Blog • May 16, 2022, 22:29
The innersource contribution percentage is the rate of contributions from people outside the team that originally authored the software. Let’s dive into what it can look like for your organization.
Enterprise innersource
Development • The GitHub Blog • May 6, 2022, 15:52
We're taking a look at some of the most common security vulnerabilities and detailing how developers can best protect themselves.
Product Security code scanning Dependabot GitHub Security Lab
Development • The GitHub Blog • April 28, 2022, 15:55
These days software is subject to an ever-changing threat landscape. Check out the many ways you can keep your projects secure on GitHub today.
Product Security supply chain security
Development • The GitHub Blog • April 22, 2022, 14:59
From plug-and-play automations to protected branches, here are simple ways any developer can build more secure software on GitHub, all with a free account.
Product Security CodeQL Dependabot GitHub Actions
Development • The GitHub Blog • April 14, 2022, 16:30
Today, we're shipping a new feature for Dependabot alerts which helps you better understand how you're affected by a vulnerability.
Open Source Product Security Dependabot supply chain security
Development • The GitHub Blog • April 6, 2022, 18:13
The new dependency review action and API prevent the introduction of known supply chain vulnerabilities into your code.
Engineering Product GitHub Actions supply chain security
Development • The GitHub Blog • April 6, 2022, 15:55
We want to take away the pain and effort of keeping your code secure, so check out how Dependabot empowers developers to keep their projects secure.
Product Security Dependabot supply chain security
Development • The GitHub Blog • April 4, 2022, 17:57
Organizations with GitHub Advanced Security can now proactively protect against secret leaks with secret scanning’s new push protection feature.
Enterprise Security GitHub Advanced Security Secret Scanning